New Trucking Mandate: Improving Safety or Opening Door to Hackers?

The trucking industry is currently only four months away from an approaching deadline that will require most commercial truck drivers to use an ELD—or electronic logging device—to monitor hours of service (HOS). Current regulations maintained by the Federal Motor Carrier Safety Administration (FMCSA) require that certain spans of time spent behind the wheel of large trucks and other vehicles be relieved by rest periods to prevent driver fatigue.

While larger transport companies have already adopted this new technology, many smaller fleets have hesitated. For many, the cost is a factor. Yet, now the industry is now seeing phone- and tablet-based apps that are allowing more players to be compliant without added upfront costs.

The problem is that going down the path of a personal mobile device solution quickly brings up questions of cybersecurity. Such concerns are not unfounded—as more and more devices and networks become inter-connected, they create vulnerabilities that can be exploited. Experts in the field refer to this cyber-physical environment as IoT (The Internet of Things) and they estimate that it could consist of 30 billion devices, sensors and electronics with network connectivity by 2020. While ELDs would be a proverbial needle in this haystack of connected technology, it’s possible that they could be targeted by hackers.

While this poses a threat to information security for the carrier(s), it’s hard to see how it could affect the safety of large trucks on the highway, right? Well, according to University of Michigan researchers, this risk is all too real. They tested the limits of what could be tapped into through a big rigs’ diagnostics port. Through trial and error, they were able to send digital signals into the truck’s internal system and control acceleration, disable the semi-trailer’s brakes—even change the readout of the truck’s instrument panel!

Yet, ELD suppliers point out that there’s little to worry about when considering the possibility of a hacker gaining access to a vehicle’s controls through an onboard connected devicebut haven’t we heard such promises of isolation before, only to have them crumble once a crack is found and exploited by cybercriminals? While sensitive information is at risk, the experiment at the University of Michigan shows that our safety on the highways could be compromised as well.